News
The State of Cybersecurity in 2023: Balancing Budgets, Consolidating Tools, and Overcoming Data Corruption
January 2023 by Andrew Hollister, Chief Information Security Officer (CISO) at LogRhythm
Over the past year, CISOs and cybersecurity decision-makers have found themselves busy with continued uncertainty.
2022 has seen no relief from cyberattacks in every sector, with attackers taking advantage of digital transformation in general, and specifically continuing cloud adoption, to both launch and direct attacks.
Attackers continue to innovate, and as we anticipate tough economic times ahead, cybersecurity budgets need to be analyzed carefully to ensure that appropriate and effective defense against cyberattacks continues to be prioritized. Security events hold the potential to significantly impact revenue, which begs the attention of executive leadership and pushes organizations to align on expectations both internally and externally.
Here are my predictions for the challenges that should be on organization’s radars for 2023.
Economic Challenges and Balancing Budgets
In tough economic times, an organization’s c-suite will be focused on cutting what they perceive as non-essential costs. It’s exceptionally important that when leadership thinks about cybersecurity budgets, they take the time to carefully analyze and understand what they are protecting from a business perspective.
To protect their business operations, organizations need to be ready for further evolution of the threat landscape. Balancing budgets to achieve a comprehensive security posture is now a business imperative and investing in the protection of critical assets is especially important for driving future growth in challenging economic circumstances.
According to recent research from LogRhythm, 67% of security professionals indicated their company had lost a business deal due to the customer’s lack of confidence in their security strategy. Executive leaders need to ensure they align to expectations both internally and externally.
Cybersecurity Consolidation
As cyberattacks continue to rise, I anticipate more organizations will be doubling down on frontline prevention and detection technologies to stay secure. This will also involve consolidating cybersecurity tools where possible.
LogRhythm’s recent research report also indicated that 85% of organizations use overlapping tools – the majority of which is accidental - resulting in more effort without yielding better security outcomes. The report further found that nearly half believe that consolidation would lead to faster issue detection and improved security posture.
Developing comprehensive threat prevention and detection capabilities within a single platform will help organizations improve their security posture and deliver on their cybersecurity priorities.
Ransomware Operators Favoring Corruption over Encryption
Ransomware has been an attack vector in continual development over the years and is perhaps the one common threat that keeps all CISOs awake at night. In 2023, we’ll see ransomware attacks focusing on corrupting data rather than encrypting it.
Data corruption is faster than full encryption and the code is immensely easier to write since you don’t need to deal with complex public-private key handling as well as delivering complex decryption code to reverse the damage once the victim pays up. Since almost all ransomware operators already engage in double extortion, meaning they exfiltrate the data before encrypting it, the option of corrupting the data rather than going to the effort of encryption has many attractions. This puts early detection and quick response at the heart of a modern security strategy.
Backing up Critical Data as a Priority
The importance of backing up critical business data has never been higher. If data is compromised and an organization has no backup, it puts threat actors in a stronger position because then the organization must either pay up or accept the loss of the data.
Organizations need to ensure data is backed up to enable business continuity in the event of a successful breach. Having an offline backup adds an additional layer of protection between an organization’s critical data and the threat actor.
Preparing for a Resilient Future
2023 will be another testing year for security teams. Organizations need to continue to focus on doing the basics well, and prioritizing cybersecurity as a business enabler. This requires taking what they’ve learned about the threat landscape in 2022 and ensuring their overall security strategy aligns with the evolving risks.
Cybersecurity teams need to be armed with high quality signals and contextual analytics into threats so that they can reduce noise, prioritize work, and quickly secure their environment.
